Re: could not accept SSL connection: Success

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Thomas Munro <thomas(dot)munro(at)gmail(dot)com>, Carla Iriberri <ciriberri(at)salesforce(dot)com>, pgsql-general <pgsql-general(at)postgresql(dot)org>
Subject: Re: could not accept SSL connection: Success
Date: 2022-01-20 04:32:45
Message-ID: Yejl7fI5YakWGOv3@paquier.xyz
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On Wed, Jan 19, 2022 at 08:06:30PM -0500, Tom Lane wrote:
> Michael Paquier <michael(at)paquier(dot)xyz> writes:
> > Leaving things in their current state is fine by me. Would it be
> > better to add a note about the business with 3.0 though?
>
> What do you envision saying? "We don't need to do anything here
> for 3.0" doesn't seem helpful.

Nope, but the idea would be to keep around a note that we may want to
revisit this area of the code based on the state of upstream, because
our code is currently shaped based on problems that OpenSSL has dealt
with. I am not completely sure, but something among the line of:
"OpenSSL 1.1.1 and older versions return nothing on an unexpected EOF,
and errno may not be set. 3.0 reports SSL_ERROR_SSL with a
meaningful error set on the stack, so this could be reworked once
support for older versions is removed."

Perhaps that's just nannyism from my side, this is really minor at the
end.
--
Michael

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Laurenz Albe 2022-01-20 08:02:15 Re: Can we get the CTID value
Previous Message Tom Lane 2022-01-20 01:06:30 Re: could not accept SSL connection: Success